Merge staging-next into staging

2022-11-23 12:01:56 +00:00 · 2022-11-23 12:01:56 +00:00 · 26b9cf3d24
parent e424324159 14088729f2
commit 26b9cf3d24
22 changed files with 221 additions and 47 deletions
--- a/nixos/tests/xmpp/prosody.nix
+++ b/nixos/tests/xmpp/prosody.nix
@ -42,7 +42,7 @@ in import ../make-test-python.nix {
        ${nodes.server.config.networking.primaryIPAddress} uploads.example.com
      '';
      environment.systemPackages = [
-        (pkgs.callPackage ./xmpp-sendmessage.nix { connectTo = nodes.server.config.networking.primaryIPAddress; })
+        (pkgs.callPackage ./xmpp-sendmessage.nix { connectTo = "example.com"; })
      ];
    };
    server = { config, pkgs, ... }: {
@ -82,6 +82,7 @@ in import ../make-test-python.nix {

  testScript = { nodes, ... }: ''
    # Check with sqlite storage
+    start_all()
    server.wait_for_unit("prosody.service")
    server.succeed('prosodyctl status | grep "Prosody is running"')

--- a/nixos/tests/xmpp/xmpp-sendmessage.nix
+++ b/nixos/tests/xmpp/xmpp-sendmessage.nix
@ -12,6 +12,7 @@ in writeScriptBin "send-message" ''
 #!${(python3.withPackages (ps: [ ps.slixmpp ])).interpreter}
 import logging
 import sys
+import signal
 from types import MethodType

 from slixmpp import ClientXMPP
@ -64,8 +65,13 @@ class CthonTest(ClientXMPP):
        log.info('MUC join success!')
        log.info('XMPP SCRIPT TEST SUCCESS')

+def timeout_handler(signalnum, stackframe):
+    print('ERROR: xmpp-sendmessage timed out')
+    sys.exit(1)

 if __name__ == '__main__':
+    signal.signal(signal.SIGALRM, timeout_handler)
+    signal.alarm(120)
    logging.basicConfig(level=logging.DEBUG,
                        format='%(levelname)-8s %(message)s')

@ -76,7 +82,7 @@ if __name__ == '__main__':
    ct.register_plugin('xep_0363')
    # MUC
    ct.register_plugin('xep_0045')
-    ct.connect(("server", 5222))
+    ct.connect(("${connectTo}", 5222))
    ct.process(forever=False)

    if not ct.test_succeeded:
--- a/pkgs/applications/graphics/antimony/default.nix
+++ b/pkgs/applications/graphics/antimony/default.nix
@ -5,19 +5,19 @@
 }:

 let
-  gitRev    = "8fb4b0929ce84cf375bfb83a9d522ccd80681eaf";
+  gitRev    = "8b805c674adad536f9dd552b4be75fadcb3c7db6";
  gitBranch = "develop";
  gitTag    = "0.9.3";
 in
  stdenv.mkDerivation {
    pname = "antimony";
-    version = "2020-03-28";
+    version = "2022-11-23";

    src = fetchFromGitHub {
      owner  = "mkeeter";
      repo   = "antimony";
      rev    = gitRev;
-      sha256 = "1s0zmq5jmhmb1wcsyaxfmii448g6x8b41mzvb1awlljj85qj0k2s";
+      sha256 = "NmOuBewfHqtAim2cNP62LXgRjVWuVUGweV46sY1qjGk=";
    };

    patches = [ ./paths-fix.patch ];
--- a/pkgs/applications/office/qownnotes/default.nix
+++ b/pkgs/applications/office/qownnotes/default.nix
@ -5,13 +5,13 @@

 mkDerivation rec {
  pname = "qownnotes";
-  version = "22.11.5";
+  version = "22.11.7";

  src = fetchurl {
    url = "https://download.tuxfamily.org/${pname}/src/${pname}-${version}.tar.xz";
    # Fetch the checksum of current version with curl:
    # curl https://download.tuxfamily.org/qownnotes/src/qownnotes-<version>.tar.xz.sha256
-    sha256 = "451c7bed728710d1ff7ddc5bcc5a32b829dfac3ed2bbfdb6f7c2c328e6676a8c";
+    sha256 = "2fbc20f17422bc44c35dd3e78feb710ca275ecb34c550b2a9c743939531f7878";
  };

  nativeBuildInputs = [ qmake qttools ];
--- a/pkgs/build-support/make-impure-test.nix
+++ b/pkgs/build-support/make-impure-test.nix
@ -0,0 +1,96 @@
+/* Create tests that run in the nix sandbox with additional access to selected host paths
+
+  This is for example useful for testing hardware where a tests needs access to
+  /sys and optionally more.
+
+  The following example shows a test that accesses the GPU:
+
+  Example:
+    makeImpureTest {
+      name = "opencl";
+      testedPackage = "mypackage"; # Or testPath = "mypackage.impureTests.opencl.testDerivation"
+
+      sandboxPaths = [ "/sys" "/dev/dri" ]; # Defaults to ["/sys"]
+      prepareRunCommands = ""; # (Optional) Setup for the runScript
+      nixFlags = []; # (Optional) nix-build options for the runScript
+
+      testScript = "...";
+    }
+
+  Save as `test.nix` next to a package and reference it from the package:
+    passthru.impureTests = { opencl = callPackage ./test.nix {}; };
+
+  `makeImpureTest` will return here a script that contains the actual nix-build command including all necessary sandbox flags.
+
+  It can be executed like this:
+    $(nix-build -A mypackage.impureTests)
+
+  Rerun an already cached test:
+    $(nix-build -A mypackage.impureTests) --check
+*/
+{ lib
+, stdenv
+, writeShellScript
+
+, name
+, testedPackage ? null
+, testPath ? "${testedPackage}.impureTests.${name}.testDerivation"
+, sandboxPaths ? [ "/sys" ]
+, prepareRunCommands ? ""
+, nixFlags ? [ ]
+, testScript
+, ...
+} @ args:
+
+let
+  sandboxPathsTests = builtins.map (path: "[[ ! -e '${path}' ]]") sandboxPaths;
+  sandboxPathsTest = lib.concatStringsSep " || " sandboxPathsTests;
+  sandboxPathsList = lib.concatStringsSep " " sandboxPaths;
+
+  testDerivation = stdenv.mkDerivation (lib.recursiveUpdate
+    {
+      name = "test-run-${name}";
+
+      requiredSystemFeatures = [ "nixos-test" ];
+
+      buildCommand = ''
+        mkdir -p $out
+
+        if ${sandboxPathsTest}; then
+          echo 'Run this test as *root* with `--option extra-sandbox-paths '"'${sandboxPathsList}'"'`'
+          exit 1
+        fi
+
+        # Run test
+        ${testScript}
+      '';
+
+      passthru.runScript = runScript;
+    }
+    (builtins.removeAttrs args [
+      "lib"
+      "stdenv"
+      "writeShellScript"
+
+      "name"
+      "testedPackage"
+      "testPath"
+      "sandboxPaths"
+      "prepareRunCommands"
+      "nixFlags"
+      "testScript"
+    ])
+  );
+
+  runScript = writeShellScript "run-script-${name}" ''
+    set -euo pipefail
+
+    ${prepareRunCommands}
+
+    sudo nix-build --option extra-sandbox-paths '${sandboxPathsList}' ${lib.escapeShellArgs nixFlags} -A ${testPath} "$@"
+  '';
+in
+# The main output is the run script, inject the derivation for the actual test
+runScript.overrideAttrs (old: {
+  passthru = { inherit testDerivation; };
+})
--- a/pkgs/development/libraries/amdvlk/default.nix
+++ b/pkgs/development/libraries/amdvlk/default.nix
@ -1,4 +1,5 @@
 { stdenv
+, callPackage
 , lib
 , fetchRepoProject
 , writeScript
@ -102,6 +103,8 @@ in stdenv.mkDerivation rec {
    setHash "$hash"
  '';

+  passthru.impureTests = { amdvlk = callPackage ./test.nix {}; };
+
  meta = with lib; {
    description = "AMD Open Source Driver For Vulkan";
    homepage = "https://github.com/GPUOpen-Drivers/AMDVLK";
--- a/pkgs/development/libraries/amdvlk/test.nix
+++ b/pkgs/development/libraries/amdvlk/test.nix
@ -0,0 +1,49 @@
+{ lib, makeImpureTest, coreutils, amdvlk, vulkan-tools }:
+makeImpureTest {
+  name = "amdvlk";
+  testedPackage = "amdvlk";
+
+  sandboxPaths = [ "/sys" "/dev/dri" ];
+
+  nativeBuildInputs = [ vulkan-tools ];
+
+  VK_ICD_FILENAMES = "${amdvlk}/share/vulkan/icd.d/amd_icd64.json";
+  XDG_RUNTIME_DIR = "/tmp";
+
+  # AMDVLK needs access to /dev/dri/card0 (or another card), but normally it is rw-rw----
+  # Change the permissions to be rw for everyone
+  prepareRunCommands = ''
+    function reset_perms()
+    {
+      # Reset permissions to previous state
+      for card in /dev/dri/card*; do
+        sudo ${coreutils}/bin/chmod "0''${cardPerms[$card]}" $card
+      done
+    }
+
+    # Save permissions on /dev/dri/card*
+    declare -A cardPerms
+    for card in /dev/dri/card*; do
+      cardPerms[$card]=$(stat -c "%a" $card)
+    done
+
+    sudo ${coreutils}/bin/chmod o+rw /dev/dri/card*
+    trap reset_perms EXIT
+  '';
+
+  testScript = ''
+    # Check that there is at least one card with write-access
+    if ! ls -l /dev/dri/card* | cut -b8-9 | grep -q rw; then
+      echo 'AMDVLK needs rw access to /dev/dri/card0 or a fitting card, please run `sudo chmod o+rw /dev/dri/card*`'
+      exit 1
+    fi
+
+    vulkaninfo --summary
+    echo "Checking version"
+    vulkaninfo --summary | grep '= ${amdvlk.version}'
+  '';
+
+  meta = with lib.maintainers; {
+    maintainers = [ Flakebi ];
+  };
+}
--- a/pkgs/development/libraries/rocm-opencl-icd/default.nix
+++ b/pkgs/development/libraries/rocm-opencl-icd/default.nix
@ -1,4 +1,4 @@
-{ lib, stdenv, rocm-opencl-runtime }:
+{ lib, callPackage, stdenv, rocm-opencl-runtime }:

 stdenv.mkDerivation rec {
  pname = "rocm-opencl-icd";
@ -11,6 +11,8 @@ stdenv.mkDerivation rec {
    echo "${rocm-opencl-runtime}/lib/libamdocl64.so" > $out/etc/OpenCL/vendors/amdocl64.icd
  '';

+  passthru.impureTests = { rocm-opencl = callPackage ./test.nix {}; };
+
  meta = with lib; {
    description = "OpenCL ICD definition for AMD GPUs using the ROCm stack";
    license = licenses.mit;
--- a/pkgs/development/libraries/rocm-opencl-icd/test.nix
+++ b/pkgs/development/libraries/rocm-opencl-icd/test.nix
@ -0,0 +1,19 @@
+{ lib, makeImpureTest, clinfo, rocm-opencl-icd, rocm-smi }:
+makeImpureTest {
+  name = "rocm-opencl";
+  testedPackage = "rocm-opencl-icd";
+
+  nativeBuildInputs = [ clinfo rocm-smi ];
+
+  OCL_ICD_VENDORS = "${rocm-opencl-icd}/etc/OpenCL/vendors/";
+
+  testScript = ''
+    # Test fails if the number of platforms is 0
+    clinfo | grep -E 'Number of platforms * [1-9]'
+    rocm-smi | grep -A1 GPU
+  '';
+
+  meta = with lib; {
+    maintainers = teams.rocm.members;
+  };
+}
--- a/pkgs/development/ocaml-modules/reactivedata/default.nix
+++ b/pkgs/development/ocaml-modules/reactivedata/default.nix
@ -1,34 +1,26 @@
-{ lib, stdenv, fetchFromGitHub, ocaml, findlib, ocamlbuild, react, opaline }:
+{ lib, fetchFromGitHub, buildDunePackage, react }:

-if lib.versionOlder ocaml.version "4.04"
-then throw "reactiveData is not available for OCaml ${ocaml.version}"
-else
-
-stdenv.mkDerivation rec {
-  pname = "ocaml${ocaml.version}-reactiveData";
-  version = "0.2.2";
+buildDunePackage rec {
+  pname = "reactiveData";
+  version = "0.3";
+  duneVersion = "3";
+  minimalOCamlVersion = "4.08";

  src = fetchFromGitHub {
    owner = "ocsigen";
    repo = "reactiveData";
    rev = version;
-    sha256 = "sha256-YLkacIbjxZQ/ThgSxjTqviBYih6eW2GX5H7iybQDv1A=";
+    sha256 = "sha256-imUphE1vMe3bYqHhgTuGT+B7uLn75acX6fAwBLh1tz4=";
  };

-  nativeBuildInputs = [ ocaml findlib ocamlbuild opaline ];
  propagatedBuildInputs = [ react ];

  strictDeps = true;

-  buildPhase = "ocaml pkg/build.ml native=true native-dynlink=true";
-
-  installPhase = "opaline -prefix $out -libdir $OCAMLFIND_DESTDIR";
-
  meta = with lib; {
    description = "An OCaml module for functional reactive programming (FRP) based on React";
    homepage = "https://github.com/ocsigen/reactiveData";
    license = licenses.lgpl21;
-    platforms = ocaml.meta.platforms or [ ];
    maintainers = with maintainers; [ vbgl ];
  };
 }
--- a/pkgs/development/python-modules/autopep8/default.nix
+++ b/pkgs/development/python-modules/autopep8/default.nix
@ -3,20 +3,20 @@
 , buildPythonPackage
 , pycodestyle
 , glibcLocales
-, toml
+, tomli
 , pytestCheckHook
 }:

 buildPythonPackage rec {
  pname = "autopep8";
-  version = "1.7.1";
+  version = "2.0.0";

  src = fetchPypi {
    inherit pname version;
-    sha256 = "sha256-8AWCIOTMDvYSGZb8jsHDLwc15Ea+I8Th9pLeC/IxdN0=";
+    sha256 = "sha256-ixZZx/AD5pMZn1LK/9wGWFuwcWkAu8anRC/ZMdZYwHc=";
  };

-  propagatedBuildInputs = [ pycodestyle toml ];
+  propagatedBuildInputs = [ pycodestyle tomli ];

  checkInputs = [
    glibcLocales
--- a/pkgs/development/python-modules/monero/default.nix
+++ b/pkgs/development/python-modules/monero/default.nix
@ -14,13 +14,13 @@

 buildPythonPackage rec {
  pname = "monero";
-  version = "1.0.1";
+  version = "1.1.1";

  src = fetchFromGitHub {
    owner = "monero-ecosystem";
    repo = "monero-python";
    rev = "v${version}";
-    sha256 = "sha256-ZjAShIeGVVIKlwgSNPVSN7eaqhKu3wEpDP9wgBMOyZU=";
+    sha256 = "sha256-WIF3pFBOLgozYTrQHLzIRgSlT3dTZTe+7sF/dVjVdTo=";
  };

  postPatch = ''
--- a/pkgs/development/python-modules/python-lsp-server/default.nix
+++ b/pkgs/development/python-modules/python-lsp-server/default.nix
@ -23,6 +23,7 @@
 , rope
 , setuptools
 , setuptools-scm
+, toml
 , ujson
 , websockets
 , whatthepatch
@ -79,6 +80,7 @@ buildPythonPackage rec {
      pyflakes
      pylint
      rope
+      toml
      whatthepatch
      yapf
    ];
--- a/pkgs/development/tools/ocaml/js_of_ocaml/tyxml.nix
+++ b/pkgs/development/tools/ocaml/js_of_ocaml/tyxml.nix
@ -6,7 +6,8 @@
 buildDunePackage {
  pname = "js_of_ocaml-tyxml";

-  inherit (js_of_ocaml-compiler) version src useDune2;
+  inherit (js_of_ocaml-compiler) version src;
+  duneVersion = "3";

  buildInputs = [ js_of_ocaml-ppx ];

--- a/pkgs/development/tools/rust/cargo-public-api/default.nix
+++ b/pkgs/development/tools/rust/cargo-public-api/default.nix
@ -8,14 +8,14 @@

 rustPlatform.buildRustPackage rec {
  pname = "cargo-public-api";
-  version = "0.23.0";
+  version = "0.24.0";

  src = fetchCrate {
    inherit pname version;
-    sha256 = "sha256-yllfkhf0Xy8D6tL08QYPnz7Cj/JOvMG7E53elRx11EE=";
+    sha256 = "sha256-6PAOyZmaqsHHyzS9sI591tnAi3/kwRlQR4K4iZJmR5Q=";
  };

-  cargoSha256 = "sha256-UwrhgMmZ9PnIsxsWxQskaMHl03g54VeoZRo9ZPkSM28=";
+  cargoSha256 = "sha256-wWSVpWmD1ZItXgH5q0u16oBQ+d4wKjg+pvt/ZlgiWBg=";

  nativeBuildInputs = [ pkg-config ];

--- a/pkgs/development/web/twitter-bootstrap/default.nix
+++ b/pkgs/development/web/twitter-bootstrap/default.nix
@ -2,11 +2,11 @@

 stdenv.mkDerivation rec {
  pname = "bootstrap";
-  version = "5.2.2";
+  version = "5.2.3";

  src = fetchurl {
    url = "https://github.com/twbs/bootstrap/releases/download/v${version}/${pname}-${version}-dist.zip";
-    sha256 = "sha256-3zAnCKd+btQFd9aSwfESNz7HNapm2bgQOkf5m1zyMf8=";
+    sha256 = "sha256-j6IBaj3uHiBL0WI+BQ3PR36dKME7uYofWPV+D9QM3Tg=";
  };

  nativeBuildInputs = [ unzip ];
--- a/pkgs/servers/snappymail/default.nix
+++ b/pkgs/servers/snappymail/default.nix
@ -2,11 +2,11 @@
 , dataPath ? "/var/lib/snappymail" }:
 stdenv.mkDerivation rec {
  pname = "snappymail";
-  version = "2.21.3";
+  version = "2.21.4";

  src = fetchurl {
    url = "https://github.com/the-djmaze/snappymail/releases/download/v${version}/snappymail-${version}.tar.gz";
-    sha256 = "sha256-lDtbbovgPuXOgNKkHN2EiDltgzSQCVNvN/Qw4FOUVwo=";
+    sha256 = "sha256-NxE3weZRI06scDZHSL5QjL+boc0GVffHCTzBxncBIuU=";
  };

  sourceRoot = "snappymail";
--- a/pkgs/servers/unifi/default.nix
+++ b/pkgs/servers/unifi/default.nix
@ -66,7 +66,7 @@ in rec {
  };

  unifi7 = generic {
-    version = "7.2.92";
-    sha256 = "sha256-TB9fJAYnH09YSNAEdbMHsVJjil+ovBu8F/oVtxqhvIM=";
+    version = "7.2.95";
+    sha256 = "sha256-lZrOB8Xrl2/LvDJhtGsQ7Cn5YJ+/hnHuq8ODlOg3R6s=";
  };
 }
--- a/pkgs/tools/admin/syft/default.nix
+++ b/pkgs/tools/admin/syft/default.nix
@ -2,13 +2,13 @@

 buildGoModule rec {
  pname = "syft";
-  version = "0.62.0";
+  version = "0.62.1";

  src = fetchFromGitHub {
    owner = "anchore";
    repo = pname;
    rev = "v${version}";
-    sha256 = "sha256-hed2ikV9xVDSSpLedAVcCJx/cQI5EPsb+fG2h63ij98=";
+    sha256 = "sha256-mzDowDWnIxQCbCxqPun6oCqMeke4KE+kaVDH/V5TFC4=";
    # populate values that require us to use git. By doing this in postFetch we
    # can delete .git afterwards and maintain better reproducibility of the src.
    leaveDotGit = true;
--- a/pkgs/tools/misc/plantuml/default.nix
+++ b/pkgs/tools/misc/plantuml/default.nix
@ -1,12 +1,12 @@
 { lib, stdenv, fetchurl, makeWrapper, jre, graphviz }:

 stdenv.mkDerivation rec {
-  version = "1.2022.12";
+  version = "1.2022.13";
  pname = "plantuml";

  src = fetchurl {
    url = "https://github.com/plantuml/plantuml/releases/download/v${version}/plantuml-pdf-${version}.jar";
-    sha256 = "sha256-smxdHluEVJxga03aAu4WmTtbPsAKTckHsHn+aUNrtcg=";
+    sha256 = "sha256-iKENVr3JfsnjunwTJbPrFgLLLOZ65Oj5Ub01G45w8Vc=";
  };

  nativeBuildInputs = [ makeWrapper ];
--- a/pkgs/tools/networking/ghostunnel/default.nix
+++ b/pkgs/tools/networking/ghostunnel/default.nix
@ -7,13 +7,13 @@

 buildGoModule rec {
  pname = "ghostunnel";
-  version = "1.7.0";
+  version = "1.7.1";

  src = fetchFromGitHub {
    owner = "ghostunnel";
    repo = "ghostunnel";
    rev = "v${version}";
-    sha256 = "sha256-vODSjTpo2oTY42fONhUU8Xn119cTYUGQ6RJaLnS9q3k=";
+    hash = "sha256-yG9PfpYqW95X7EfbAhKEDmqBue7SjFULXUO73V4s3t4=";
  };

  vendorSha256 = null;
@ -34,8 +34,9 @@ buildGoModule rec {

  meta = with lib; {
    broken = stdenv.isDarwin;
-    description = "A simple TLS proxy with mutual authentication support for securing non-TLS backend applications";
+    description = "TLS proxy with mutual authentication support for securing non-TLS backend applications";
    homepage = "https://github.com/ghostunnel/ghostunnel#readme";
+    changelog = "https://github.com/ghostunnel/ghostunnel/releases/tag/v${version}";
    license = licenses.asl20;
    maintainers = with maintainers; [ roberth ];
  };
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@ -950,6 +950,8 @@ with pkgs;

  makeAutostartItem = callPackage ../build-support/make-startupitem { };

+  makeImpureTest = callPackage ../build-support/make-impure-test.nix;
+
  makeInitrd = callPackage ../build-support/kernel/make-initrd.nix; # Args intentionally left out

  makeInitrdNG = callPackage ../build-support/kernel/make-initrd-ng.nix;
@ -27325,7 +27327,7 @@ with pkgs;

  antfs-cli = callPackage ../applications/misc/antfs-cli {};

-  antimony = libsForQt514.callPackage ../applications/graphics/antimony {};
+  antimony = libsForQt5.callPackage ../applications/graphics/antimony {};

  antiword = callPackage ../applications/office/antiword {};